Too Many Keys

Charly Avital shavital at mac.com
Wed Apr 27 23:03:00 CEST 2005


At 1:25 PM -0500 4/27/05, Clint Laskowski wrote:
>I'm new to GPG. Over the years I've toyed with PGP, etc. Now, I'm trying
>to integrate keys I've created in the past into GPG. Should I do that?
>Or should I just start with a fresh new set of keys?


I have found in the servers two keys that seem to belong to you:
(1)     Clinton Laskowski <clint at robotic.com>
          1024 bit DSA key BB1765B4, created: 2005-04-27
(2)     Clint Laskowski <clint at robotic.com>
          1024 bit DSA key 373BDBAE, created: 2004-06-08

If those keys belong to you, if you can use them (you have the secret keys, you have the passphrase), and people with whom you correspond use them to encrypt to you, then you might consider keeping them, and keep on using them



>If I do integrate
>them into my GPG install, what's the best way?


Export the key blocks (public and private) from your "previous" PGP software, and import them into your current gpg keyrings. Please remember that gpg will accept key blocks with Unix line-ends only.

>Should I re-sign them
>with my new GPG set?

Yes, that would be advisable, in order to have a consistent trust set within your own keyrings.

> If I don't integrate them, should I revoke the old
>ones?

Unless you have a compelling reason to revoke them (e.g. you suspect they have been compromised) you should keep them, provided, as already said, that you have the complete key pairs with their correspondent passphrase.


> Any pointers will be appreciated. -- Clint

Of course, it's up to you what to do, but I believe the above pointers are consistent with PGP usage.

>
>My new public key block:
>
>-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.1 (MingW32) - WinPT 0.9.92

[...]


If you intend to upload you new key to the keyservers, there is no need to post the keyblock in a message to the list.

Welcome and best luck,

Charly
Mac OS X - gpg 1.4.1 - C91B085E



More information about the Gnupg-users mailing list